Hi All,
The NSA just published Advancing Zero Trust Maturity Throughout the Automation and Orchestration Pillar.
The security of government and industry information and services is predicated on timely responsiveness to cybersecurity threats. Automation and orchestration can respond to threats much faster than manual methods alone, which may not be fast enough to prevent compromise or damage.
The automation and orchestration pillar is the set of Zero Trust capabilities that automates security actions and reactions based on defined processes and security policies across the enterprise, with a focus on speed and scale. Automation is the use of software to control repetitive tasks, and orchestration is the coordination of IT processes and workflows to ensure proper management of tasks. By implementing and maturing automation and orchestration capabilities, an organization can become much more resilient to ever increasing and increasingly sophisticated cyber intrusion attempts, even partially successful ones.
This pillar emphasizes dynamic security responses across the enterprise using policy orchestration to enforce policy decisions; critical process automation to improve efficiency; artificial intelligence / machine learning where applicable to further improve automation; security orchestration, automation, and response (SOAR) to weave together response actions; data exchange standardization to enable interoperability among capabilities; and security operations and incident response coordination, plans, and abilities. This cybersecurity information sheet (CSI) describes these automation and orchestration pillar capabilities and recommendations for reaching increasing maturity levels.
------------------------------
Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA, CSA Research Fe
------------------------------